Protecting Your Data on Campus

When campus safety is discussed with college students, it often includes how students can prevent themselves from physical harm or keep their stuff from being stolen.

But students also need a plan to keep their digital information secure at college. Data breaches are increasingly common, and colleges are no exception. From 2012 and 2016, universities and colleges experienced 153 breaches from either hacks or unintended disclosures.

In some cases, there’s no way for students to avoid giving some of their most important information to a university.

But, in other cases, students should question why they’re being asked for certain information, said Gerry Santoro, a founding associate professor of the Information Sciences and Technology department at Penn State University. He runs a website to help student learn how to keep their data secure.

“Once your information is out of your control, there’s nothing you can do,” he said.

If students are applying for scholarships with organizations outside their university, they should be wary of submitting information like their FSA ID, which would allow a third party to access their family’s financial information or sign loan promissory notes, Santoro said.

Additionally, the FAFSA ID shouldn’t be shared with anyone.

Santoro suggests his students request their directory information, which can include name, address and phone number, be removed from a university’s public student directory. He encourages students to limit the personal information they post on social media websites — including when they will be away from their dorms or apartments.

“I tell my students, if you’re going on vacation or going for holiday, don’t post this stuff, wait until you come back, because you’re basically telling people you’re not at home,” he said.

When browsing the web on their personal computers, Santoro recommends that students don’t use their main, administrative account, but rather create a second account. That can prevent malware from being unknowingly downloaded onto a computer. Several web browsers also offer an incognito mode that blocks cookies and other identifiers.

Students should check their credit cards, bank accounts and other accounts with sensitive information several times a month to make sure everything appears normal. If a student thinks he or she is being hacked, they should immediately change their passwords before contacting university authorities.

Breaches, however, don’t always happen online.

Laptops are frequently stolen, and it only takes a few minutes for a thief to snatch an unguarded computer from a library table. Special locks can keep laptops from being easily snatched, and backing up information on an external flash drive prevents students from losing everything.